Centrelink
Smart Card Technical Issues Starter Kit

Roger Clarke

Principal, Xamax Consultancy Pty Ltd, Canberra

Visiting Fellow, Department of Computer Science, Australian National University

Version of 8 April 1998

© Xamax Consultancy Pty Ltd, 1998

Available under an AEShareNet Free for Education licence

This document was prepared for Centrelink. Its purpose was to support the consultation process between Centrelink and privacy advocates, during a project that was intended to lay the foundations for a variety of projects for Centrelink's client agencies that it was anticipated would involve smart cards

This document draws heavily on sources identified at

http://www.anu.edu.au/people/Roger.Clarke/EC/AnnBibl.html#CBS

http://www.anu.edu.au/people/Roger.Clarke/II/AnnBibl.html#PI

http://www.anu.edu.au/people/Roger.Clarke/II/AnnBibl.html#Privacy

http://www.anu.edu.au/people/Roger.Clarke/DV/AnnBibl.html

This document is at http://www.anu.edu.au/people/Roger.Clarke/DV/SCTISK.html


Background

Centrelink is investigating the application of smart cards to its operations. It is also the lead-agency responsible for addressing and resolving cross-jurisdictional issues in the use of smart cards for the delivery of concessions and benefits.

Centrelink is well aware that public interest concerns arise in relation to smart cards. It has accordingly established consultative arrangements with privacy advocates, and with consumer interest representatives of clients of Centrelink and its client agencies.

Policy discussions relating to smart cards and their applications are technically challenging, and privacy advocates have expressed the need for background information to ensure that they can participate effectively in consultations.

This document addresses that need, by providing a set of materials that introduce smart cards, and various related technologies.


Contents

1. Introduction To Smart Cards 3

  1. A Starting Point 3
  2. In Greater Depth 3
  3. Contact-Based And Contactless Cards 5

2. Applications Of Smart Cards 9

  1. Applications Generally 9
  2. Stored-Value Cards (SVCs) 11

3. Human Identification And Identity Authentication 14

  1. Human Identification 14
  2. Identity Authentication 15

4. Data Transmission Security 16

  1. Data Transmission Security Risks 16
  2. Requirements For Data Transmission Security 17
  3. A Data Transmission Security Regime 17

5. Public Key Cryptography 18

  1. Cryptography Generally 18
  2. Symmetric Cryptography 18
  3. Asymmetric ('public Key') Cryptography 19
  4. Applied Public Key Cryptography 19
  5. Public Key Cryptography And The Management Of Secret Keys 22
  6. Additional Issues In Public Key Cryptography 22

6. Digital Signatures In Practice 27

7. Smart Cards In Identification And Authentication 30

  1. Plastic Cards As Evidence Of Identity 30
  2. Chip-Cards As Evidence Of Identity 30
  3. Chip-Cards As A Means Of Private Key Storage 31
  4. Chip-Cards As A Means Of Private Key Protection 31

8 Smart Cards And Privacy Issues 33

  1. Smart Cards And Privacy 33
  2. Anonymity And Pseudonymity 34
  3. Digital Signatures And Privacy 36
  4. Smart Cards As Privacy-Protective Or Even Privacy-Enhancing Technology 36

Navigation

Go to Roger's Home Page.

Go to the contents-page for this segment.

Send an email to Roger

Created: 14 July 1998

Last Amended: 14 July 1998; addition of FfE licence 5 March 2004


These community service pages are a joint offering of the Australian National University (which provides the infrastructure), and Roger Clarke (who provides the content).
The Australian National University
Visiting Fellow, Faculty of
Engineering and Information Technology,
Information Sciences Building Room 211
Xamax Consultancy Pty Ltd, ACN: 002 360 456
78 Sidaway St
Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 1472, 6288 6916